Vulnerabilities > Proofpoint > Enterprise Protection > 8.14.2

DATE CVE VULNERABILITY TITLE RISK
2023-11-06 CVE-2023-5771 Cross-site Scripting vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI.
network
low complexity
proofpoint CWE-79
6.1
2022-12-21 CVE-2022-46334 Improper Privilege Management vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions.
local
low complexity
proofpoint CWE-269
7.8
2022-12-06 CVE-2022-46332 Cross-site Scripting vulnerability in Proofpoint Enterprise Protection
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface.
network
low complexity
proofpoint CWE-79
critical
9.6
2022-12-06 CVE-2022-46333 Code Injection vulnerability in Proofpoint Enterprise Protection
The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope.
network
low complexity
proofpoint CWE-94
7.2
2022-11-17 CVE-2021-31608 Unspecified vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.
network
low complexity
proofpoint
4.3
2021-05-07 CVE-2020-14009 Improper Validation of Integrity Check Value vulnerability in Proofpoint Enterprise Protection 8.14.0/8.14.2
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules.
network
low complexity
proofpoint CWE-354
6.3
2020-01-13 CVE-2019-19680 Unspecified vulnerability in Proofpoint Enterprise Protection
A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email.
network
low complexity
proofpoint
8.8